Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HOuUUKpiGORmKJufmxx7QKZFjc4.roa
File: HOuUUKpiGORmKJufmxx7QKZFjc4.roa (raw, json)
Hash identifier: XFlXP45rOkD43L6gq1miurFxdQPYHbo+B6sFBCJnVCc=
Subject key identifier: 1C:EB:94:50:AA:62:18:E4:66:28:9B:9F:9B:1C:7B:40:A6:45:8D:CE
Certificate issuer: /CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Certificate serial: 019A88AB4983181E541EA8AF340B69B911BB
Authority key identifier: 4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HOuUUKpiGORmKJufmxx7QKZFjc4.roa
Signing time: Sat 15 Nov 2025 17:58:37 +0000
ROA not before: Sat 15 Nov 2025 17:58:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 31.56.125.0/24 maxlen: 24
31.56.192.0/24 maxlen: 24
31.56.193.0/24 maxlen: 24
31.56.195.0/24 maxlen: 24
31.57.221.0/24 maxlen: 24
31.57.237.0/24 maxlen: 24
31.58.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Nov 2025 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:88:ab:49:83:18:1e:54:1e:a8:af:34:0b:69:b9:11:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f1b095fab67633c0127d61ff6857864ea6b25c5
Validity
Not Before: Nov 15 17:58:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ceb9450aa6218e466289b9f9b1c7b40a6458dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:57:83:f7:cc:ae:54:6b:65:d1:05:25:6d:c9:
55:26:cc:a5:89:b2:69:27:9d:12:91:b7:e3:7a:94:
bd:bc:2c:62:63:25:19:b7:59:0f:4a:2f:46:41:b1:
15:20:11:a9:ca:b7:12:9b:ef:75:fb:0c:fe:77:54:
ee:47:6a:fa:0f:e5:29:f8:2c:cd:0a:e3:41:1b:8c:
4c:bf:1a:e6:e5:5d:b7:27:92:37:4b:d0:03:14:3f:
2b:57:60:f5:8f:96:ed:6e:ac:30:e7:d7:f9:ee:17:
69:e8:6f:81:ac:e6:7c:39:33:e2:3b:96:51:9e:90:
77:fe:08:4e:33:08:0d:59:7e:0b:09:f5:1b:5a:0a:
f3:41:3f:06:43:df:cc:d7:c0:42:81:33:bc:03:52:
14:76:33:3a:e9:f7:16:02:aa:71:c2:1c:d6:c8:f2:
92:fd:7c:a6:f7:8a:52:6a:24:0f:f5:b7:6a:53:8d:
e8:80:24:95:8a:5d:7a:ea:e8:80:dc:d7:92:0d:e7:
a5:b7:86:89:76:64:3c:67:24:c6:6d:47:0f:b7:36:
05:f9:f6:73:c5:07:7b:2b:d6:d5:34:ad:a5:4b:8c:
61:5f:95:86:b9:7b:df:45:a3:49:e2:9a:d0:b2:1f:
f7:9f:4f:3f:9f:6b:9f:45:d7:5e:71:a7:66:7c:9a:
45:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EB:94:50:AA:62:18:E4:66:28:9B:9F:9B:1C:7B:40:A6:45:8D:CE
X509v3 Authority Key Identifier:
keyid:4F:1B:09:5F:AB:67:63:3C:01:27:D6:1F:F6:85:78:64:EA:6B:25:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/HOuUUKpiGORmKJufmxx7QKZFjc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/511f95-e4bf-43f1-af2f-b811cfcb9fd5/1/TxsJX6tnYzwBJ9Yf9oV4ZOprJcU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.56.125.0/24
31.56.192.0/23
31.56.195.0/24
31.57.221.0/24
31.57.237.0/24
31.58.231.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:1e:68:be:34:93:4e:68:ae:1c:90:76:5f:bc:66:52:78:92:
df:ea:5b:83:59:ea:57:19:54:ef:32:a1:7e:6f:1a:14:26:a4:
00:90:20:3d:11:d0:c2:29:f4:a8:ee:c2:76:36:68:34:1d:3b:
88:31:be:85:dd:e6:63:d1:cf:98:09:a8:94:6c:04:87:2c:c1:
cc:ee:65:6d:47:3b:b8:e8:0c:57:63:6e:35:f5:e0:0c:93:c1:
01:73:53:10:fe:44:cc:d2:f3:af:b5:f8:db:07:53:e9:ef:c0:
08:f0:61:c8:c5:50:ed:f2:95:9b:4e:c6:f1:b9:da:74:6b:54:
92:de:82:03:76:bf:b9:85:66:a2:f1:09:14:5a:bd:62:41:be:
25:55:4c:87:60:46:52:e3:bc:85:39:de:f2:93:14:50:8b:dc:
f5:6e:1a:f4:3a:1c:e6:cc:4d:81:d4:65:21:50:a3:6b:ed:32:
01:b6:61:76:df:3d:b5:b1:c9:bb:3c:3e:44:a1:a4:b9:97:74:
ed:91:4e:9a:42:50:a0:22:1f:65:76:b1:da:2a:77:38:de:aa:
86:5c:d4:67:74:44:37:71:fb:ae:aa:b7:55:d5:5e:70:ef:e9:
0f:b1:29:fc:aa:a1:19:ce:91:d6:b9:21:ed:cf:f2:a8:0b:10:
86:d2:27:3c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZqIq0mDGB5UHqivNAtpuRG7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMWIwOTVmYWI2NzYzM2MwMTI3ZDYxZmY2ODU3ODY0ZWE2
YjI1YzUwHhcNMjUxMTE1MTc1ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ViOTQ1MGFhNjIxOGU0NjYyODliOWY5YjFjN2I0MGE2NDU4ZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVeD98yuVGtl0QUlbclVJsylibJp
J50SkbfjepS9vCxiYyUZt1kPSi9GQbEVIBGpyrcSm+91+wz+d1TuR2r6D+Up+CzN
CuNBG4xMvxrm5V23J5I3S9ADFD8rV2D1j5btbqww59f57hdp6G+BrOZ8OTPiO5ZR
npB3/ghOMwgNWX4LCfUbWgrzQT8GQ9/M18BCgTO8A1IUdjM66fcWAqpxwhzWyPKS
/Xym94pSaiQP9bdqU43ogCSVil166uiA3NeSDeelt4aJdmQ8ZyTGbUcPtzYF+fZz
xQd7K9bVNK2lS4xhX5WGuXvfRaNJ4prQsh/3n08/n2ufRddecadmfJpFswIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBzrlFCqYhjkZiibn5sce0CmRY3OMB8GA1UdIwQY
MBaAFE8bCV+rZ2M8ASfWH/aFeGTqayXFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYt
YjgxMWNmY2I5ZmQ1LzEvSE91VVVLcGlHT1JtS0p1Zm14eDdRS1pGamM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi81MTFmOTUtZTRiZi00M2YxLWFmMmYtYjgxMWNmY2I5ZmQ1
LzEvVHhzSlg2dG5ZendCSjlZZjlvVjRaT3BySmNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAHzh9AwQB
HzjAAwQAHzjDAwQAHzndAwQAHzntAwQAHzrnMA0GCSqGSIb3DQEBCwUAA4IBAQB8
Hmi+NJNOaK4ckHZfvGZSeJLf6luDWepXGVTvMqF+bxoUJqQAkCA9EdDCKfSo7sJ2
Nmg0HTuIMb6F3eZj0c+YCaiUbASHLMHM7mVtRzu46AxXY2419eAMk8EBc1MQ/kTM
0vOvtfjbB1Pp78AI8GHIxVDt8pWbTsbxudp0a1SS3oIDdr+5hWai8QkUWr1iQb4l
VUyHYEZS47yFOd7ykxRQi9z1bhr0OhzmzE2B1GUhUKNr7TIBtmF23z21scm7PD5E
oaS5l3TtkU6aQlCgIh9ldrHaKnc43qqGXNRndEQ3cfuuqrdV1V5w7+kPsSn8qqEZ
zpHWuSHtz/KoCxCG0ic8
-----END CERTIFICATE-----
Generated at Mon Nov 17 00:46:45 2025 by rpki-client